From d5dd618150d69c9b261fb2f92cc32d306b82d988 Mon Sep 17 00:00:00 2001
From: fadhlanhasyim <fadhlanhasyim54@gmail.com>
Date: Tue, 13 Dec 2022 20:35:51 +0700
Subject: [PATCH] Fix: Login Required

---
 trigger_6/views.py | 135 ++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 134 insertions(+), 1 deletion(-)

diff --git a/trigger_6/views.py b/trigger_6/views.py
index b2745e2..70bc5a9 100644
--- a/trigger_6/views.py
+++ b/trigger_6/views.py
@@ -12,6 +12,13 @@ def show_riwayat(request):
     role = request.COOKIES.get('role')
     email = request.COOKIES.get('email')
 
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     if role == 'restaurant':
         rname = request.COOKIES.get('rname')
         rbranch = request.COOKIES.get('rbranch')
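Review bot: The new guard authorises on `request.COOKIES.get('role')`, a plain cookie whose value is chosen by the client, so it only holds for clients that leave their cookies untouched. The role should come from server-side state, e.g. `role = request.session.get('role')`, or at least from `request.get_signed_cookie('role', default=None)`; either needs a matching change in the login view, which is not part of this patch. The same guard is added to every other view in this patch, and `rname`, `rbranch` and `email` are read from cookies in the same way. After the two early returns, the `if role == 'restaurant':` test that follows is always true and can be dropped. The body of `show_riwayat` starts and ends outside this hunk.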
@@ -45,11 +52,18 @@ def show_riwayat(request):
         'record': record,
         'adminid':request.COOKIES.get('adminid')
     }
-    print(record)
+
     return render(request, 'riwayat.html', context)
 
 
 def show_detail_riwayat(request, email, datetime):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+    cursor.execute('set search_path to sirest')
     # query riwayat by id
     sql = f'''select u.fname, u.lname, t.street, t.district, t.city, t.province, r.rname, r.rbranch, t.datetime, t.rating, foo.fname, foo.lname, co.platenum, co.vehicletype, co.vehiclebrand, 
     r.street, r.district, r.city, r.province, t.totalfood, t.totaldiscount, t.deliveryfee, t.totalprice, pm.name, ps.name from transaction t, courier co, transaction_food tf,  
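Review bot: The guard added at the top of `show_detail_riwayat` is copied line for line into every view this patch touches, so any later correction to the check has to be repeated in each of them, and a view added later can silently miss it. A single decorator keeps the rule in one place; `role == None` is also better written `role is None`. The sketch below needs `functools` imported at the top of the file, and the body of `show_detail_riwayat` continues outside this hunk.

```python
def restaurant_required(view):
    """Redirect callers that are not logged in as a restaurant."""
    @functools.wraps(view)
    def wrapper(request, *args, **kwargs):
        # single place to change where the role is read from
        role = request.COOKIES.get('role')
        if role is None:
            return redirect("/login")
        if role != 'restaurant':
            return redirect("/")
        return view(request, *args, **kwargs)
    return wrapper


@restaurant_required
def show_detail_riwayat(request, email, datetime):
    # … unchanged: search_path and query …
```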
@@ -86,6 +100,15 @@ def show_detail_riwayat(request, email, datetime):
 
 
 def show_form_penilaian(request, email, datetime):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     if request.method == 'POST':
         rating = request.POST.get('nilai')
         if rating != '0':
@@ -106,10 +129,25 @@ def show_form_penilaian(request, email, datetime):
 
 
 def show_buat_promo(request):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
     return render(request, 'buat_promo.html', {'role': request.COOKIES.get('role')})
 
 
 def show_form_promo_minimum(request):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     if request.method == "POST":
         name = request.POST.get('name')
         discount = request.POST.get('discount')
@@ -143,6 +181,15 @@ def show_form_promo_minimum(request):
 
 
 def show_form_promo_hari_spesial(request):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     if request.method == "POST":
         name = request.POST.get('name')
         discount = request.POST.get('discount')
@@ -170,6 +217,15 @@ def show_form_promo_hari_spesial(request):
 
 
 def show_daftar_promo(request):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     cursor.execute('select * from promo')
     records_promo = cursor.fetchall()
     records_promo = sorted(records_promo, key=lambda x: x[1].lower())
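Review bot: `cursor.execute('set search_path to sirest')` is now issued at the top of each view on a `cursor` that no view creates, so it appears to be one module-level cursor shared by all requests. A shared cursor is not safe under concurrent requests, and one failed statement can leave its transaction aborted for every later caller. If `connection` is `django.db.connection`, open a cursor per view with `with connection.cursor() as cursor:` and set the schema once in the database settings, e.g. `'OPTIONS': {'options': '-c search_path=sirest'}`. The body of `show_daftar_promo` continues outside this hunk.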
@@ -202,6 +258,15 @@ def show_daftar_promo(request):
 
 
 def show_ubah_promo(request, jenis, id):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     cursor.execute(f'select promoname from promo where id = \'{id}\'')
     record = cursor.fetchall()
     if request.method == 'POST':
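Review bot: `id` comes from the URL and is pasted into the statement by the f-string in `cursor.execute(f'select promoname from promo where id = \'{id}\'')`, so the query text depends on request input, and the added role check does not change that. Pass it as a bound parameter instead, using the `%s` placeholder style of psycopg2/Django cursors: `cursor.execute('select promoname from promo where id = %s', [id])`. The same pattern is visible in the queries of `show_daftar_promo_restoran`, `show_form_ubah_promo_restoran`, `show_detail_promo`, `show_detail_promo_restoran`, `delete_promo`, `delete_promo_restoran` and `ubah_form_input`, where `rname` and `rbranch` are interpolated as well. The body of `show_ubah_promo` continues outside this hunk.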
@@ -240,6 +305,13 @@ def show_ubah_promo(request, jenis, id):
 
 
 def show_daftar_promo_restoran(request, rname, rbranch):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
     cursor.execute('set search_path to sirest')
     cursor.execute(f'select * from promo p, restaurant_promo r where p.id = r.pid and r.rname = \'{rname}\' and r.rbranch = \'{rbranch}\'')
     records_promo_resto = cursor.fetchall()
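Review bot: `show_daftar_promo_restoran` takes `rname` and `rbranch` from the URL and queries with them directly, while the new guard only establishes that the caller is some restaurant, not that it is this one. A check such as `if (rname, rbranch) != (own_rname, own_rbranch): return HttpResponseForbidden()` is missing, with the caller's own restaurant (the `own_*` names are placeholders) taken from the authenticated session rather than from the path. The same applies to `show_detail_promo_restoran` and, with more impact, to `delete_promo_restoran`, which deletes rows for whichever restaurant the path names. The function body continues outside this hunk.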
@@ -264,6 +336,13 @@ def show_daftar_promo_restoran(request, rname, rbranch):
 
 
 def show_form_promo_restoran(request):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
     cursor.execute('set search_path to sirest')
     rname = request.COOKIES.get('rname')
     rbranch = request.COOKIES.get('rbranch')
@@ -305,6 +384,15 @@ def show_form_promo_restoran(request):
 
 
 def show_form_ubah_promo_restoran(request, id):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     cursor.execute(
         f'select promoname, discount from promo where id = \'{id}\'')
     record_pname = cursor.fetchall()
@@ -372,6 +460,15 @@ def show_form_ubah_promo_restoran(request, id):
 
 
 def show_detail_promo(request, id):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     cursor.execute(f'select * from promo where id = \'{id}\'')
     records_promo = cursor.fetchmany()
 
@@ -399,6 +496,15 @@ def show_detail_promo(request, id):
 
 
 def show_detail_promo_restoran(request, rname, rbranch, id):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     cursor.execute(
         f'select * from promo p, restaurant_promo r where p.id = r.pid and r.pid = \'{id}\' and r.rname = \'{rname}\' and r.rbranch = \'{rbranch}\'')
     record_promo = cursor.fetchall()
@@ -430,18 +536,45 @@ def show_detail_promo_restoran(request, rname, rbranch, id):
 
 
 def delete_promo(request, id):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     cursor.execute(f'delete from promo where id = \'{id}\'')
     connection.commit()
     return HttpResponseRedirect(reverse('trigger_6:show_daftar_promo'))
 
 
 def delete_promo_restoran(request, rname, rbranch, id):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     cursor.execute(
         f'delete from restaurant_promo where pid = \'{id}\' and rname = \'{rname}\' and rbranch = \'{rbranch}\'')
     connection.commit()
     return HttpResponseRedirect(reverse('trigger_6:show_daftar_promo_restoran', kwargs={'rname':rname, 'rbranch':rbranch}))
 
 def ubah_form_input(request, id):
+    role = request.COOKIES.get('role')
+
+    if role == None:
+        return redirect("/login")
+    if role != 'restaurant':
+        return redirect("/")
+
+    cursor.execute('set search_path to sirest')
+
     cursor.execute(f'select discount from sirest.promo where id = \'{id}\'')
     discount = cursor.fetchone()
     
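Review bot: `delete_promo` and `delete_promo_restoran` run a `delete` and `connection.commit()` without looking at `request.method`, so a plain GET to the URL removes the row, and GET requests are not covered by Django's CSRF check. Decorate both with `@require_POST` (from `django.views.decorators.http`) and submit the delete from a form carrying `{% csrf_token %}`; this assumes the CSRF middleware is enabled, which the patch does not show. `ubah_form_input` continues outside this hunk.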
-- 
GitLab